Another important enhancement involves the use of the
sticky bit on directories.
A directory with the sticky bit set means that only the file owner
and the superuser may remove files from that directory. Other users are
denied the right to remove files
regardless of the directory permissions.
Unlike with file sticky bits, the sticky bit on
directories remains there until the
directory owner or superuser explicitly removes the
directory or
changes the permissions.

You can gain the most security from this feature by placing the
sticky bit on
all public directories. These directories are writable by any
non-administrator. You should train users that the sticky bit,
together with the default umask of 077,
solves a big problem for less secure systems. Together, both features
prevent other users from altering or replacing any file you have in a public
directory. The only information they can gain from the file is its name and
attributes.

Example 5-2
illustrates the power of such a scheme. The sticky
bit is the ``t'' in the permissions for the directory.

The only files removed are those owned by user slm (the user in the example).
The user slm could not remove any other file, even the
accessible file /tmp/openfile. However, the mode setting of the file
itself allowed slm to destroy the file contents; this is why the
umask setting is important in protecting data. Conversely, the mode on
/tmp/protfile, together with the sticky
bit on /tmp, makes /tmp/protfile impenetrable.

All public directories should have the sticky bit set. These
include, but are not limited to:

/tmp

/usr/tmp

/usr/spool/uucppublic

If you are unsure, it is far better to set the
sticky bit on a directory than
to leave it off. You can set the sticky bit on a directory with the
following command, where directory is the name of the directory:

chmod u+t directory

To remove the bit, replace the ``+'' with a ``-'' in the
chmod command.
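As an added check to go with the list of public directories above (an example script written for this page, not part of the original guide), the following shell functions find world-writable directories that lack the sticky bit under a given tree and set the bit on them; the function and directory names are the author's own choices.

```shell
#!/bin/sh
# Example, not from the original guide: audit a tree for public
# (world-writable) directories that are missing the sticky bit.

# list_unprotected_dirs ROOT
#   Print every directory under ROOT (same filesystem only) that is
#   writable by "other" (-perm -0002) but has no sticky bit (! -perm -1000).
list_unprotected_dirs() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 2>/dev/null
}

# is_sticky DIR
#   Succeed when DIR exists and has the sticky bit set (test -k).
is_sticky() {
    [ -d "$1" ] && [ -k "$1" ]
}

# set_sticky DIR
#   Set the sticky bit; "+t" is the POSIX spelling of the guide's "u+t".
set_sticky() {
    chmod +t "$1"
}

# fix_unprotected_dirs ROOT
#   Set the sticky bit on every directory list_unprotected_dirs reports.
#   Returns non-zero if any chmod failed.
fix_unprotected_dirs() {
    status=0
    list_unprotected_dirs "$1" | while IFS= read -r dir; do
        set_sticky "$dir" || { echo "failed: $dir" >&2; status=1; }
    done
    return "$status"
}
```

Run `list_unprotected_dirs /` as root to see what a system currently leaves open, and `fix_unprotected_dirs /` to close it.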